Scope of the project:
This position with be perform duties as part of Client execution of its responsibilities
under the statewide information security program. Client Responsibilities include:
- Supporting agencies during their development of the information
security program with direct tactical implementation assistance.
- Developing and tracking agency information security implementation plans.
- Interview administrators, managers and third parties to aid in
development of program artifacts.
- Ensuring high-level assessments of agencies' infosec work to ensure
progress is made.
- Providing high-level analysis of process and procedures work to
ensure compliance with state standards
Daily Duties / Responsibilities:
Duties include, but are not limited to:
- Interviewing business and technical owners to determine policies and
procedures used for each agency process.
- Developing and tracking infosec implementation plan progress.
- Documenting information gathered during both interviews and
- Document reviews to assist with developing formal process and procedures.
- Assessing agency documentation to ensure adequate approaches are used to
comply with controls.
Required skills (must include years of
experience, in order of importance)
- 10+ Years of Experience in
Information Security and
Compliance.
- 2+ Years of Experience with
security audits based on a
standard control set as an
auditor or responding
information system security
officer
- Must Have a Strong Working
Knowledge of NIST 800-53 (2
Years of Experience)
- Prior Experience POA&M or CAP.
- Strong Communication
Experience.
GRC Tool (Archer or
Similar) (3 Years of
Experience)
Preferred Skills (Rank in order of
Importance):
information security plan
or system security plan
notebook.
manage multiple
infosec work efforts.
HIPAA, CJIS, MARS-E
and/or PCI-DSS.
experience
Additional Skills
- Ability to identify, map and re- engineer business processes.
- Strong schedule management and resource planning skills.
- Ability to work at a high-volume and fast pace.
- Strong collaborator and strong ability to meet deadlines.
Required Education:
Bachelor's Degree
Preferred Certifications:
- CISA, GSLC, or equivalent
certification